Ransomware Roundup – 19th April 2016

Proofpoint’s analysis of malware they call CryptXXX can be found here: CryptXXX: New Ransomware From the Actors Behind Reveton, Dropping Via Angler. Proofpoint observes that it has seen ‘an Angler EK into Bedep pass pushing both a ransomware payload and Dridex 222’. This may or may not be connected to the fact that Spamfighter has reported […]

Posted in SBN

JBoss Backdoors

[18th April 2016] Alexander Chiu for Talos looks hard at the JBoss vulnerability: WIDESPREAD JBOSS BACKDOORS A MAJOR THREAT. Chiu observes: We found just over 2,100 backdoors installed across nearly 1600 IP addresses. He notes that several compromised systems have the Follett “Destiny” Library Management System software installed, and includes Indicators of Compromise and Snort rules. US-CERT […]


Petya – cracking the encryption for free

A flaw in Petya – the current version, at least – has allowed an unidentified researcher to create a key generator to crack the encryption without paying 0.9 bitcoin to the criminals. BBC story: Petya ransomware encryption system cracked. Commentary by David Bisson for Graham Cluley’s blog: Infected by Petya ransomware? Use this tool to unlock your […]


I do not like that SamSam-I-am ransomware

Darren Pauli for The Register flags the rise of a ransomware variant that, according to Talos, has ‘a particular focus on the healthcare industry’. Pauli’s article: Hospital servers in crosshairs of new ransomware strain – SamSam virus is highly contagious and Bitcoin’s the only known cure. He also summarizes Maktub, which resembles SamSam in that files are […]
